Privacy policy
10/27/2024 version
Introduction
At Tomorro, protecting your personal is a priority.
When you use the website www.gotomorro.com (the "Site") and/or our platform Tomorro app.gotomorro.com (the "Platform"), cookies, pixels, and other trackers (hereinafter collectively referred to as "Cookies") are placed on your browser or device.
The purpose of this policy is to inform you about how we process this data in compliance with Regulation (EU) 2016/679 of April 27, 2016, concerning the protection of individuals with regard to the processing of personal data and the free movement of such data (the "GDPR") and Law No. 78-17 of January 6, 1978, relating to information technology, files, and freedoms (together referred to as the "Applicable Regulation").
1. Who is the data controller?
When you browse our Site/Platform or as part of managing our contractual relationships with our clients, the data controller is the company TOMORRO (LEEWAY SAS), a simplified joint-stock company registered with the Toulouse Trade and Companies Register under number 881 239 800, with its headquarters at 13 rue Sainte Ursule – 31000 Toulouse ("We").
However, when our clients use our services, we collect and process personal data on their behalf. Our clients are, therefore, the data controllers according to Article 4 of the GDPR. We act as a data processor as a service provider.
2. What data do we collect?
Personal data refers to data that can identify an individual directly or through cross-referencing with other data.
We collect the following categories of personal data:
Identification and contact information (name, first name, email address);
Professional information (company name, professional email address);
Data related to your use of the Platform (e.g., exchanges via chat and support service);
Connection data (login logs, hashed passwords);
If you choose to log in using a third-party authentication service (e.g., Google), some data such as your name and email may be retrieved from that service. By choosing this method, you agree that the service may provide us with this data. We do not collect your third-party account password;
Navigation data (IP address, pages viewed, connection date and time, browser used, type and version of the browser);
Data from phone call recordings between you and our customer service (call content, dates of calls);
Any information you choose to share with us when requesting contact or a demonstration.
3. How do we collect the data?
We collect your data either:
Because you provided it directly (e.g., by filling out a contact or demonstration request form on our Site);
Or because we collected it indirectly via business partners, service providers, or database enrichment tools.
4. On what legal basis do we process your data, for what purposes, and how long do we retain your personal data?
La collecte des Données Personnelles de l'Utilisateur a pour objectif principal de fournir à l'Utilisateur une expérience optimale, efficace et personnalisée lors de l'utilisation de la Solution. A cette fin, l'Utilisateur reconnaît que la Société peut utiliser ses Données Personnelles sur la base de son intérêt légitime à lui fournir un service de qualité.
Les données personnelles sont collectées et traitées aux fins suivantes :
Login logs are kept for 12 months.
Additionally, your data may be archived for legal purposes for up to 5 years
Data (excluding banking details) is archived for legal purposes for up to 5 years. CVV2 codes are not stored.
Call analysis documents are kept for 1 year from the recording.
Data collected via cookies to improve user experience is kept for 25 months.
For prospects: data is kept for 3 years from the last contact.
For prospects: data is kept for 3 years from the last contact.
Transaction data (excluding banking details) is kept for 5 years.
If rejected, your data may be retained for 3 months post-recruitment for feedback purposes.
Data may be archived for legal reasons for up to 5 years.
If you object to receiving marketing, this information is retained for 3 years.
5. Who can access your data?
Your personal data may be accessed by:
Our company’s staff;
Our subcontractors (audience measurement provider, CRM tools, email services, secure payment provider, billing tools, cookie management tools);
If necessary, public and private entities solely for the purpose of meeting our legal obligations.
6. Are your data transferred outside the European Union?
Your data is stored on Amazon Web Services (AWS) servers located within the European Union. However, your data may be transferred outside the European Union in the following cases:
The data is transferred to a country with an adequacy decision by the European Commission, ensuring sufficient protection levels according to the GDPR;
The data is transferred to a country without adequate protection, in which case we ensure proper safeguards as per GDPR Article 46 (e.g., Standard Contractual Clauses, binding corporate rules, or an approved certification mechanism);
The data transfer is based on specific appropriate guarantees under GDPR Chapter V.
You can obtain a copy of the transfer tools by contacting us at the details provided below.
7. What are your rights regarding your data?
You have the following rights:
Right to information: This is why we have drafted this policy (Articles 13 and 14 of the GDPR).
Right of access: You can access your personal data at any time (Article 15 of the GDPR).
Right of rectification: You can correct your personal data if it is inaccurate, incomplete, or outdated (Article 16 of the GDPR).
Right to restriction of processing: In certain cases defined by Article 18 of the GDPR, you may request the limitation of your personal data’s processing
Right to erasure: You can request that your personal data be deleted and prevent future collection under Article 17 of the GDPR.
Right to file a complaint: If you believe your data has been improperly processed, you can file a complaint with the relevant supervisory authority (CNIL in France) under Article 77 of the GDPR.
Right to set instructions for your data after your death: You may define guidelines on the use of your data after you pass away.
Right to withdraw consent: You can withdraw your consent at any time, as per Article 7 of the GDPR.
Right to data portability: Under certain conditions defined by Article 20 of the GDPR, you have the right to receive your personal data in a readable format and request its transfer to a recipient of your choice.
Right to object: You may object to the processing of your personal data, although we may retain the right to process it for legitimate reasons or legal defense (Article 21 of the GDPR).
You can exercise these rights by contacting us at the email or physical address provided below. We may request further information to verify your identity before fulfilling your request.
8. Cookies
For more details on our cookie management, please refer to our Cookie Policy.
9. Contact for Exercising Your Rights
Email: contact@gotomorro.com
Address: Tomorro SAS, 13 rue Sainte-Ursule - 31000 Toulouse, France
10. Modifications
We may amend this policy at any time, particularly to comply with regulatory, judicial, editorial, or technical changes. These changes will apply from the date the modified version takes effect. You are encouraged to regularly consult the latest version of this policy. However, we will inform you of any significant changes.
